Type(Type) 2015/1/28 19:18
GHOST (GetHOST by name): glibc 2.12 ~ 2.17 vulnerability and affected scope
GHOST affected scope
Buffer Overflow: __nss_hostname_digits_dots() gethostbyname() & gethostbyname2()
GLIBC: glibc 2.12 / glibc 2.13 / glibc 2.14 / glibc 2.15 / glibc 2.16 / glibc 2.17
Linux distros that may be affected:
CentOS 6 & 7
Debian 7
Red Hat Enterprise Linux 6 & 7
Ubuntu 10.04 & 12.04 (Ubuntu 14.04 is safe!)
Fedora 16, 17, 18, 19 (Fedora 20 and Fedora 21 are safe!)
or any other system using glibc 2.12 ~ glibc 2.17
If your system is one of the above, update immediately: yum update or apt-get upgrade
How to test for GHOST: ldd --version
Code:
#
# List all running applications that use glibc
#
$ lsof | grep libc | awk '{print $1}' | sort | uniq
Ubuntu1404# ldd --version
ldd (Ubuntu EGLIBC 2.19-0ubuntu6.5) 2.19 <-------------- Safe
CentOS 6# ldd --version
ldd (GNU libc) 2.17 <--------------------------- Might not be safe
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.
GHOST fix: upgrade the system immediately!
Code:
$ sudo yum update glibc
or
$ sudo apt-get update;sudo apt-get upgrade
or
$ sudo apt-get update && sudo apt-get dist-upgrade
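Added example (not part of the original post): the `ldd --version` check and the lsof listing above, written as shell functions. The function names, the `listed` / `not-listed` labels and the sample lsof lines are assumptions made for illustration; `listed` only means the version falls inside the 2.12 ~ 2.17 range this post gives.

```shell
#!/bin/sh
# Added example, not from the original post.

# Print the glibc version from `ldd --version` output on stdin.
# It is the last field of the first line: "ldd (GNU libc) 2.17" -> 2.17
glibc_version() {
    awk 'NR == 1 { print $NF }'
}

# Classify version $1 against the range given in this post (2.12 ~ 2.17).
# The minor number is compared as an integer, so 2.2 is not mistaken for
# something between 2.12 and 2.17. "listed" means: check the distro
# advisory, because distros backport fixes without changing this number.
ghost_range() {
    printf '%s\n' "$1" | awk -F. '
        $1 !~ /^[0-9]+$/ || $2 !~ /^[0-9]+/ { print "unknown"; exit }
        {
            minor = $2 + 0   # numeric prefix of the minor field
            if ($1 == 2 && minor >= 12 && minor <= 17) print "listed"
            else print "not-listed"
        }'
}

# Read lsof output on stdin and print the unique command names that still
# map a libc file lsof marks as deleted (FD "DEL" or a "(deleted)" suffix).
# These processes loaded libc before the update and need a restart.
# Assumption: default lsof column layout, command name in column 1.
stale_libc_procs() {
    awk '/libc[-.]/ && (/ DEL / || /\(deleted\)/) { print $1 }' | sort -u
}

# Constructed sample lsof lines (not captured from a real host):
# sshd and httpd started before the update, crond after it.
SAMPLE_LSOF='sshd 1021 root DEL REG 253,0 131 /lib64/libc-2.12.so
crond 1100 root mem REG 253,0 1926800 140 /lib64/libc-2.12.so
httpd 1300 root DEL REG 253,0 131 /lib64/libc-2.12.so'

# Usage on a live host:
#   ghost_range "$(ldd --version | glibc_version)"
#   lsof | stale_libc_procs
```
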
References:
https://access.redhat.com/security/cve/CVE-2015-0235
https://security-tracker.debian.org/tracker/CVE-2015-0235
http://arstechnica.com/security/2015/01/highly-critical-ghost-allowing-code-execution-affects-most-linux-systems/
http://www.openwall.com/lists/oss-security/2015/01/27/9